Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2014-09-08	vBulletin 5.1.x – Persistent Cross-Site Scripting	webapps	php	smash
2014-09-07	WordPress Plugin Spider Facebook – ‘facebook.php’ SQL Injection	webapps	php	Claudio Viviani
2014-09-07	PhpOnlineChat 3.0 – Cross-Site Scripting	webapps	php	N0 Feel
2014-09-07	WordPress Plugin Like Dislike Counter 1.2.3 – SQL Injection	webapps	php	Att4ck3r.ir
2014-09-07	LoadedCommerce7 – Systemic Query Factory	webapps	php	Breaking.Technology
2014-09-07	Invision Power Board (IP.Board) 3.x – Cross-Site Request Forgery / Token Hjiacking	webapps	php	Piotr S.
2014-09-05	BulletProof FTP Client 2010 – Buffer Overflow (SEH)	dos	windows	Robert Kugler
2014-09-05	MyBB User Social Networks Plugin 1.2 – Persistent Cross-Site Scripting	webapps	php	Fikri Fadzil
2014-09-05	WordPress Plugin Premium Gallery Manager – Configuration Access	webapps	php	Hannaichi
2014-09-03	vBulletin 4.0.x < 4.1.2 - 'search.php?cat' SQL Injection	webapps	php	D35m0nd142
2014-09-02	Mozilla Firefox 9.0.1 / Thunderbird 3.1.20 – Information Disclosure	remote	multiple	Michal Zalewski
2014-09-02	Syslog LogAnalyzer 3.6.5 – Persistent Cross-Site Scripting	webapps	multiple	Dolev Farhi
2014-09-02	WordPress Plugin Huge-IT Image Gallery 1.0.1 – (Authenticated) SQL Injection	webapps	php	Claudio Viviani
2014-09-01	Arachni Web Application Scanner Web UI – Persistent Cross-Site Scripting	webapps	multiple	Prakhar Prasad
2014-09-01	LeapFTP 3.1.0 – URL Handling Buffer Overflow (SEH)	local	windows	k3170makan
2014-09-01	Mulitple WordPress Themes – ‘admin-ajax.php?img’ Arbitrary File Download	webapps	php	Hugo Santiago
2014-09-01	ManageEngine EventLog Analyzer – Multiple Vulnerabilities (1)	webapps	jsp	Hans-Martin Muench
2014-09-01	ManageEngine Desktop Central – Arbitrary File Upload / Remote Code Execution	webapps	jsp	Pedro Ribeiro
2014-09-01	Wing FTP Server – (Authenticated) Command Execution (Metasploit)	remote	windows	Metasploit
2014-09-01	WordPress Plugin Slideshow Gallery 1.4.6 – Arbitrary File Upload	webapps	php	Jesus Ramirez Pichardo
2014-08-31	HTML Help Workshop 1.4 – Local Buffer Overflow (SEH)	local	windows	mr.pr0n
2014-08-29	F5 Big-IP – rsync Access	remote	hardware	Security-Assessment.com
2014-08-29	HTML Help Workshop 1.4 – Buffer Overflow (SEH) (PoC)	dos	windows	Moroccan Kingdom (MKD)
2014-08-29	NRPE 2.15 – Remote Code Execution	remote	multiple	Claudio Viviani
2014-08-28	Microsoft Internet Explorer – Memory Corruption (PoC) (MS14-029)	dos	windows	PhysicalDrive0
2014-08-28	XRms – Blind SQL Injection / Command Execution	webapps	php	Benjamin Harris
2014-08-28	PhpWiki – Remote Command Execution	webapps	php	Benjamin Harris
2014-08-28	ActualAnalyzer Lite 2.81 – Command Execution	webapps	php	Benjamin Harris
2014-08-28	ManageEngine DeviceExpert 5.9 – User Credential Disclosure	webapps	multiple	Pedro Ribeiro
2014-08-28	Plogger 1.0-RC1 – (Authenticated) Arbitrary File Upload	webapps	php	b0z
2014-08-28	Mozilla Firefox – WebIDL Privileged JavaScript Injection (Metasploit)	remote	multiple	Metasploit
2014-08-28	WordPress Plugin ShortCode 0.2.3 – Local File Inclusion	webapps	php	Mehdi Karout & Christian Galeone
2014-08-27	WordPress Plugin WooCommerce Store Exporter 1.7.5 – Multiple Cross-Site Scripting Vulnerabilities	webapps	php	Mike Manzotti
2014-08-27	glibc – NUL Byte gconv_translit_find Off-by-One	local	linux	taviso & scarybeasts
2014-08-26	Joomla! Component spidervideoplayer – ‘theme’ SQL Injection	webapps	php	Claudio Viviani
2014-08-26	Granding MA300 – Weak Pin Encryption Brute Force	remote	multiple	Eric Sesterhenn
2014-08-26	Granding MA300 – Traffic Sniffing Man In The Middle Fingerprint PIN Disclosure	remote	multiple	Eric Sesterhenn
2014-08-26	VTLS Virtua InfoStation.cgi – SQL Injection	webapps	cgi	José Tozo
2014-08-26	ntopng 1.2.0 – Cross-Site Scripting Injection	webapps	multiple	Steffen Bauch
2014-08-25	ManageEngine Password Manager – MetadataServlet.dat SQL Injection (Metasploit)	webapps	multiple	Pedro Ribeiro
2014-08-25	Innovaphone PBX Admin-GUI – Cross-Site Request Forgery	webapps	multiple	Rainer Giedat
2014-08-25	PHP Stock Management System 1.02 – Multiple Persistent Cross-Site Scripting Vulnerabilities	webapps	php	Ragha Deepthi K R
2014-08-24	WordPress Plugin KenBurner Slider – ‘admin-ajax.php’ Arbitrary File Download	webapps	php	MF0x
2014-08-24	Air Transfer Iphone 1.3.9 – Multiple Vulnerabilities	remote	ios	Samandeep Singh
2014-08-23	LiveWorld Multiple Products – Cross Site Scripting	webapps	asp	GulfTech Security
2014-08-22	MyAwards MyBB Module – Cross-Site Request Forgery	webapps	php	Vagineer
2014-08-21	HybridAuth – ‘install.php’ PHP Code Execution (Metasploit)	remote	php	Metasploit
2014-08-21	MyBB 1.8 Beta 3 – Multiple Vulnerabilities	webapps	php	DemoLisH B3yaZ
2014-08-20	ArticleFR – ‘id’ SQL Injection	webapps	php	High-Tech Bridge
2014-08-20	ManageEngine Password Manager Pro / ManageEngine IT360 – SQL Injection	webapps	multiple	Pedro Ribeiro